Comparison required from experience: Microsoft De... - Page 2

Caute_cautim · ‎01-29-2020

Hi All

I need an objective assessment from your experiences: Microsoft Defender is yet, another heavily discounted solution from the same stable. So lets paint the scenario the Microsoft tool set is compromised, how can you then trust the same tool set to detect, prevent and respond to those same threats? Can you trust it?

Cost is a great weapon, to the CEO, CIO, CFO but from a practical security perspective would you feel safe to put your name behind the decision?

Even NIST talks about layers of defense, so putting cost aside - how would you rate Microsoft Defender within your organisation?

Regards

Caute_cautim

Steve-Wilme · ‎01-31-2020

Very true, traditional AV isn't necessarily the silver bullet against ransomware. You can have fully up to date endpoint protection on clients and servers, but still be subject to successful ransomware attacks. You need to ensure that you're patched up to date and not just OS patches, have filtering on your internet proxies, anti malware running on firewalls, control of removable media, tight control of the software your run internally etc. Ransomware can exploit any weakness in your overall security posture, even a simple things such as being a few days late to patch a vulnerability.

-----------------------------------------------------------
Steve Wilme CISSP-ISSAP, ISSMP MCIIS

Caute_cautim · ‎01-31-2020

Hi @jmarshall1956 I followed up with some of my international colleagues, they stated that with the MS Defender, one should remember that central management is provided by SCCM, which is also associated with SMS messaging and all the issues that comes with it too - from an organisational perspective.

If they want full NGAV (New Generation AV) then any organisation would have to add the MS Advanced Threat Protection (ATP) as well, which does come from a cost. I totally agree with others, who have contributed it is a balance of risk and layers of defense. However, in my opinion, one should not be entirely dependent on one vendor, as no matter what they say, do or promise in terms of capability or fantastic offer. They can be caught out, and unfortunately, the consumer then becomes the victim.

Regards

Caute_cautim

rslade · ‎02-01-2020

> Caute_cautim (Community Champion) posted a new reply in Tech Talk on 01-31-2020

> If they want full NGAV (New Generation AV)

Oooh!! The 5G of antivirus protection! I feel all tingly!

====================== (quote inserted randomly by Pegasus Mailer)
rslade@vcn.bc.ca slade@victoria.tc.ca rslade@computercrime.org
The things that count most in life, usually can't be counted.
victoria.tc.ca/techrev/rms.htm http://twitter.com/rslade
http://blogs.securiteam.com/index.php/archives/author/p1/
https://is.gd/RotlWB

............

Other posts: https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468

Caute_cautim · ‎02-01-2020

@rsladeYou most certainly could feel tingly, if someone turns up the power on the inside 5G antenna at 30- GHz : https://spectrum.ieee.org/news-from-around-ieee/the-institute/ieee-member-news/will-5g-be-bad-for-ou...

https://www.howtogeek.com/423720/how-worried-should-you-be-about-the-health-risks-of-5g/

Its not the power that is emitted, at the transmitter, even if it is low, one should be looking at the actual gain of the antenna used, which can cause the actual RF power to many times higher than original input.

It's rather like the days of ship borne radio officer's one was always told to remove the fuses, before doing maintenance, in the hope some idiot did not replace them, whilst one was maintaining the antenna or looking down the waveguide.

Here's to the tingly feeling and you are wondering, why you are feeling hot under the collar.

Regards

Caute_cautim

Comparison required from experience: Microsoft Defender vs Carbon Black or others